Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Ähnlich wie Jeanette Rankins Patient Privacy Training
Ähnlich wie Jeanette Rankins Patient Privacy Training (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Jeanette Rankins Patient Privacy Training
- 1. Patient Privacy Training MHA 690: Capstone Health Jeanette Rankins Week 1 Discussion 2
- 2. Patient Privacy Training Process What training could you as a manager put into place to avoid this situation? 1. Formulate a HIPAA Compliance Plan 2. Perform risk assessment’s 3. Enforce Privacy and Security Policy Procedures 4. Required Mandatory annual training (including new hires) 5. Actions and Consequences
- 3. HIPAA COMPLIANCE PLAN The first step as a manager would be to consult with the corporate compliance officer to initiate an internal audit of all the staff members who may have been in contact with the celebrities. This process will let the manager know who was on staff during the time of admission and the number of times the patients records were viewed including logging information and treatments and changes to medical conditions
- 4. Risk Assessment The manager should conduct a risk assessment on the work place and electronic devices to assess the potential risks and vulnerabilities to the confidentiality, integrity and availability of Protected Health Information (PHI) under covered entities. This also include checking to see how many employees viewed the information using the same password
- 5. Privacy and Security Policy Procedures • Under the HIPAA Privacy Rule covered entities must train all members of its workforce as necessary and appropriate for the members of the workforce to carry out their functions. Under the Security Rule and Regulation implement a security awareness and training program for all members of its workforce [including management]. Care providers are required to provide all individuals affected by any such breaches with a description of the incident, including information about what steps they should take to protect themselves and what steps the care provider will take to recover the loss and avoid further breaches.
- 6. Mandatory Annual Training Basic privacy and security training should be provided before an individual obtains access to confidential or personal information. At a minimum, the principles should be conveyed at least annually thereafter. Training also may be needed after changes in policies; following increases in levels of access or sensitivity of information; to react to changes in technology; and following a security incident and other situations, such as a merger or acquisition. All Employee will be required to take a mandatory annual course on Corporate Compliances, HIPAA laws and rules, Privacy and Security laws
- 7. Actions & Consequences Ensuring the privacy and security of patient information needs to be a paramount concern at all times. While it is impossible to control all the actions of employees, organizations can and must take reasonable and appropriate action to secure information as much as possible. Illegally accessing and giving leaking patient health information without written permission regardless of celebrity status will result in severe disciplinary actions which may include the loss of licensures and termination of employment
- 8. References: Fisher, M., 2018 ”Employer liability and the legal consequences of violating patient data privacy” Retrieved from: https://medcitynews.com/2018/11/employer- liability-and-the-legal-consequences-of-violating- patient-data-privacy/?rf=1 Fox News. (2008). Report Over 120 UCLA hospital staff saw celebrity health records Retrieved from http://www.foxnews.com/story/0,2933,398784,0 0.html